capacitor-freerasp 1.5.3 → 1.7.0

package/CHANGELOG.md

@@ -5,7 +5,60 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.7.0] - 2024-11-19
+
+### Capacitor
+
+#### Added
+
+- Added `adbEnabled` callback, which allows you to detect USB debugging option enabled in the developer settings on the device
+
+### Android
+
+#### Added
+
+- ADB detection feature
+
+## [1.6.0] - 2024-11-15
+
+-   Android SDK version: 12.0.0
+-   iOS SDK version: 6.6.3
+
+### Capacitor
+
+#### Added
+
+-  Added configuration fields for malware detection 
+
+#### Fixed
+
+- Resolved compatibilty issues with JDK 21 [(issue #21)](https://github.com/talsec/Free-RASP-Capacitor/issues/21)
+
+### Android
+
+#### Added
+
+- New feature: **malware detection** as a new callback for enhanced app security
+
+#### Fixed
+
+- Refactoring Magisk checks in the root detection
+
+### iOS
+
+#### Added
+
+- Enhanced security with **[Serotonin Jailbreak](https://github.com/SerotoninApp/Serotonin) Detection** to identify compromised devices.
+
+#### Changed
+
+- Updated SDK code signing; it will now be signed with:
+  - Team ID: PBDDS45LQS
+  - Team Name: Lynx SFT s.r.o.
+
 ## [1.5.3] - 2024-10-28
+- Android SDK version: 11.1.3
+- iOS SDK version: 6.6.1
 
 ### iOS
 
@@ -13,6 +66,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Renewed the signing certificate
 
 ## [1.5.2] - 2024-10-18
+- Android SDK version: 11.1.3
+- iOS SDK version: 6.6.0
 
 ### Android
 

package/README.md

@@ -10,7 +10,6 @@ freeRASP for Capacitor is a mobile in-app protection and security monitoring plu
 
 :loudspeaker: The official documentation has been moved to a new location. You can now find it [here](https://docs.talsec.app/docs-and-articles-portal). :loudspeaker:
 
-
 # Overview
 
 The freeRASP is available for Flutter, Cordova, Capacitor, React Native, Android, and iOS developers. We encourage community contributions, investigations of attack cases, joint data research, and other activities aiming to make better app security and app safety for end-users.
@@ -46,6 +45,11 @@ Learn more about commercial features at [https://talsec.app](https://talsec.app)
 
 Learn more about freemium freeRASP features at [GitHub main repository](https://github.com/talsec/Free-RASP-Community).
 
+## :radioactive: freeMalwareDetection
+**freeMalwareDetection** is a powerful feature designed to enhance the security of your Android application by quickly and efficiently scanning for malicious or suspicious applications (e.g. Android malware) based on various blacklists and security policies. It helps to detect apps with suspicious package names, hashes, or potentially dangerous permissions.
+
+After the integration of freeRASP, make sure you visit the [freeMalwareDetection](https://docs.talsec.app/freemalwaredetection) repository to learn more about this feature!
+
 # :book: Discover the Official freeRASP Documentation
 
 Visit the [GitBook page](https://docs.talsec.app/freerasp) for comprehensive and up-to-date guides, tutorials, and technical documentation specifically for freeRASP. It serves as your go-to resource, offering everything from basic instructions to advanced tips and tricks to help you get the most out of the project.
@@ -56,12 +60,6 @@ For integrating freeRASP on the Capacitor platform, be sure to follow all the st
 
 Be sure to bookmark it and stay informed! :books: :sparkles:.
 
-## :scroll: Reference to Legacy Documentation
-
-If you have any suggestions for improvement or notice anything that could be clarified in the new GitBook documentation, please open an issue. Your feedback helps us maintain high-quality resources for all users. 
-
-For information on older integration methods, you can refer to the [freeRASP wiki](https://github.com/talsec/Free-RASP-Capacitor/wiki), which includes comprehensive legacy details and guidance. Additionally, the old integration can be found when you checkout to a specific tag. Your input is invaluable in helping us improve our resources and provide even better support for your needs.
-
 # :rocket: What's New and Changelog
 
 Stay informed and make the most of freeRASP by checking out [What's New and Changelog](https://docs.talsec.app/freerasp/whats-new-and-changelog)! Here, you’ll discover the latest features, enhancements, and bug fixes we’ve implemented to improve your experience across all platforms, including Android, iOS, Flutter, React Native, Capacitor, and Cordova. 
@@ -76,4 +74,4 @@ You can check out the project board [here](https://github.com/orgs/talsec/projec
 
 # :page_facing_up: License
 
-This project is provided as freemium software, i.e. there is a fair usage policy that imposes some limitations on the free usage. The SDK software consists of open-source and binary parts, which is the property of Talsec. The open-source part is licensed under the MIT License - see the LICENSE file for details.
+This project is provided as freemium software, i.e. there is a fair usage policy that imposes some limitations on the free usage. The SDK software consists of open-source and binary parts, which is the property of Talsec. The open-source part is licensed under the MIT License - see the LICENSE file for details.

package/android/build.gradle

@@ -17,11 +17,13 @@ buildscript {
     dependencies {
         classpath 'com.android.tools.build:gradle:8.0.0'
         classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
+        classpath "org.jetbrains.kotlin:kotlin-serialization:1.9.25"
     }
 }
 
 apply plugin: 'com.android.library'
 apply plugin: 'org.jetbrains.kotlin.android'
+apply plugin: 'kotlinx-serialization'
 
 android {
     namespace "com.aheaditec.freerasp"
@@ -48,6 +50,10 @@ android {
         sourceCompatibility JavaVersion.VERSION_17
         targetCompatibility JavaVersion.VERSION_17
     }
+
+    kotlinOptions {
+        jvmTarget = "17"
+    }
 }
 
 repositories {
@@ -67,9 +73,10 @@ dependencies {
     implementation project(':capacitor-android')
     implementation "androidx.appcompat:appcompat:$androidxAppCompatVersion"
     implementation "androidx.core:core-ktx:$androidCoreKtxVersion"
+    implementation "org.jetbrains.kotlinx:kotlinx-serialization-json:1.6.3"
     testImplementation "junit:junit:$junitVersion"
     androidTestImplementation "androidx.test.ext:junit:$androidxJunitVersion"
     androidTestImplementation "androidx.test.espresso:espresso-core:$androidxEspressoCoreVersion"
     
-    implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community-Capacitor:11.1.3'
+    implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community-Capacitor:13.0.0'
 }

package/android/src/main/java/com/aheaditec/freerasp/FreeraspPlugin.kt

@@ -1,5 +1,9 @@
 package com.aheaditec.freerasp
 
+import com.aheaditec.freerasp.utils.getArraySafe
+import com.aheaditec.freerasp.utils.getNestedArraySafe
+import com.aheaditec.freerasp.utils.toEncodedJSArray
+import com.aheaditec.talsec_security.security.api.SuspiciousAppInfo
 import com.aheaditec.talsec_security.security.api.Talsec
 import com.aheaditec.talsec_security.security.api.TalsecConfig
 import com.aheaditec.talsec_security.security.api.ThreatListener
@@ -31,7 +35,6 @@ class FreeraspPlugin : Plugin() {
             bridge.activity.runOnUiThread {
                 Talsec.start(context, talsecConfig)
             }
-            Talsec.start(context, talsecConfig)
             call.resolve(JSObject().put("started", true))
         } catch (e: Exception) {
             call.reject("Error during Talsec Native plugin initialization - ${e.message}", "TalsecInitializationError", e)
@@ -70,7 +73,7 @@ class FreeraspPlugin : Plugin() {
     fun getThreatChannelData(call: PluginCall) {
         val channelData = JSONArray(
             (listOf(
-                THREAT_CHANNEL_NAME, THREAT_CHANNEL_KEY
+                THREAT_CHANNEL_NAME, THREAT_CHANNEL_KEY, MALWARE_CHANNEL_KEY
             ))
         )
         call.resolve(JSObject().put("ids", channelData))
@@ -85,10 +88,34 @@ class FreeraspPlugin : Plugin() {
         android.os.Process.killProcess(android.os.Process.myPid())
     }
 
+    /**
+     * Add app with given package name to Talsec Malware Whitelist
+     * @param packageName - package name of the whitelisted app
+     * @return true if successful
+     */
+    @PluginMethod
+    fun addToWhitelist(call: PluginCall) {
+        val packageName = call.getString("packageName")
+        if (packageName.isNullOrEmpty()) {
+            call.reject(
+                "Package name argument is missing or empty in the call",
+                "MissingArgumentError"
+            )
+            return
+        }
+        Talsec.addToWhitelist(context, packageName)
+        call.resolve(JSObject().put("result", true))
+    }
+
     internal fun notifyListeners(threat: Threat) {
         notifyListeners(THREAT_CHANNEL_NAME, JSObject().put(THREAT_CHANNEL_KEY, threat.value), true)
     }
 
+    internal fun notifyMalware(suspiciousApps: MutableList<SuspiciousAppInfo>) {
+        notifyListeners(THREAT_CHANNEL_NAME, JSObject().put(THREAT_CHANNEL_KEY, Threat.Malware.value).put(
+            MALWARE_CHANNEL_KEY, suspiciousApps.toEncodedJSArray(context)), true)
+    }
+
     private fun buildTalsecConfigThrowing(configJson: JSObject): TalsecConfig {
         val androidConfig = configJson.getJSONObject("androidConfig")
         val packageName = androidConfig.getString("packageName")
@@ -98,6 +125,13 @@ class FreeraspPlugin : Plugin() {
             .supportedAlternativeStores(androidConfig.getArraySafe("supportedAlternativeStores"))
             .prod(configJson.getBool("isProd") ?: true)
 
+        if (androidConfig.has("malwareConfig")) {
+            val malwareConfig = androidConfig.getJSONObject("malwareConfig")
+            talsecBuilder.whitelistedInstallationSources(malwareConfig.getArraySafe("whitelistedInstallationSources"))
+            talsecBuilder.blacklistedHashes(malwareConfig.getArraySafe("blacklistedHashes"))
+            talsecBuilder.blacklistedPackageNames(malwareConfig.getArraySafe("blacklistedPackageNames"))
+            talsecBuilder.suspiciousPermissions(malwareConfig.getNestedArraySafe("suspiciousPermissions"))
+        }
         return talsecBuilder.build()
     }
 
@@ -106,5 +140,7 @@ class FreeraspPlugin : Plugin() {
             .toString() // name of the channel over which threat callbacks are sent
         private val THREAT_CHANNEL_KEY = (10000..999999999).random()
             .toString() // key of the argument map under which threats are expected
+        val MALWARE_CHANNEL_KEY = (10000..999999999).random()
+            .toString() // key of the argument map under which malware data is expected
     }
 }

package/android/src/main/java/com/aheaditec/freerasp/Threat.kt

@@ -23,6 +23,8 @@ internal sealed class Threat(val value: Int) {
     object ObfuscationIssues : Threat((10000..999999999).random())
     object SystemVPN : Threat((10000..999999999).random())
     object DevMode : Threat((10000..999999999).random())
+    object Malware : Threat((10000..999999999).random())
+    object ADBEnabled : Threat((10000..999999999).random())
 
     companion object {
         internal fun getThreatValues(): JSONArray {
@@ -40,7 +42,9 @@ internal sealed class Threat(val value: Int) {
                     UnofficialStore.value,
                     Overlay.value,
                     ObfuscationIssues.value,
-                    DevMode.value
+                    DevMode.value,
+                    Malware.value,
+                    ADBEnabled.value
                 ))
             )
         }

package/android/src/main/java/com/aheaditec/freerasp/ThreatHandler.kt

@@ -38,7 +38,9 @@ internal class TalsecThreatHandler(private val instance: FreeraspPlugin) :
         instance.notifyListeners(Threat.ObfuscationIssues)
     }
 
-    override fun onMalwareDetected(p0: MutableList<SuspiciousAppInfo>?) {}
+    override fun onMalwareDetected(suspiciousAppInfos: MutableList<SuspiciousAppInfo>?) {
+        instance.notifyMalware(suspiciousAppInfos ?: mutableListOf())
+    }
 
     override fun onUnlockedDeviceDetected() {
         instance.notifyListeners(Threat.Passcode)
@@ -52,6 +54,10 @@ internal class TalsecThreatHandler(private val instance: FreeraspPlugin) :
         instance.notifyListeners(Threat.DevMode)
     }
 
+    override fun onADBEnabledDetected() {
+        instance.notifyListeners(Threat.ADBEnabled)
+    }
+
     override fun onSystemVPNDetected() {
         instance.notifyListeners(Threat.SystemVPN)
     }

package/android/src/main/java/com/aheaditec/freerasp/models/CapSuspiciousAppInfo.kt

@@ -0,0 +1,25 @@
+package com.aheaditec.freerasp.models
+
+import kotlinx.serialization.Serializable
+
+
+/**
+ * Simplified, serializable wrapper for Talsec's SuspiciousAppInfo
+ */
+@Serializable
+data class CapSuspiciousAppInfo(
+    val packageInfo: CapPackageInfo,
+    val reason: String,
+)
+
+/**
+ * Simplified, serializable wrapper for Android's PackageInfo
+ */
+@Serializable
+data class CapPackageInfo(
+    val packageName: String,
+    val appName: String?,
+    val version: String?,
+    val appIcon: String?,
+    val installerStore: String?
+)

package/android/src/main/java/com/aheaditec/freerasp/utils/Extensions.kt

@@ -0,0 +1,96 @@
+package com.aheaditec.freerasp.utils
+
+import android.content.Context
+import android.content.pm.PackageInfo
+import android.util.Base64
+import android.util.Log
+import com.aheaditec.freerasp.models.CapPackageInfo
+import com.aheaditec.freerasp.models.CapSuspiciousAppInfo
+import com.aheaditec.talsec_security.security.api.SuspiciousAppInfo
+import com.getcapacitor.JSArray
+import kotlinx.serialization.encodeToString
+import kotlinx.serialization.json.Json
+import org.json.JSONArray
+import org.json.JSONException
+import org.json.JSONObject
+
+private inline fun <reified T> JSONArray.toPrimitiveArray(): Array<T> {
+    val output = mutableListOf<T>()
+
+    for (i in 0 until this.length()) {
+        val element: T = when (T::class) {
+            String::class -> this.getString(i) as T
+            Int::class -> this.getInt(i) as T
+            Double::class -> this.getDouble(i) as T
+            Long::class -> this.getLong(i) as T
+            Boolean::class -> this.getBoolean(i) as T
+            else -> throw JSONException("Cannot parse JSON array - unsupported type")
+        }
+        output.add(element)
+    }
+    return output.toTypedArray()
+}
+
+internal fun JSONObject.getArraySafe(key: String): Array<String> {
+    if (this.has(key)) {
+        val inputArray = this.getJSONArray(key)
+        return inputArray.toPrimitiveArray()
+    }
+    return arrayOf()
+}
+
+internal fun JSONObject.getNestedArraySafe(key: String): Array<Array<String>> {
+    val outArray = mutableListOf<Array<String>>()
+    if (this.has(key)) {
+        val inputArray = this.getJSONArray(key)
+        for (i in 0 until inputArray.length()) {
+            outArray.add(inputArray.getJSONArray(i).toPrimitiveArray())
+        }
+    }
+    return outArray.toTypedArray()
+}
+
+/**
+ * Converts the Talsec's SuspiciousAppInfo to Capacitor equivalent
+ */
+internal fun SuspiciousAppInfo.toCapSuspiciousAppInfo(context: Context): CapSuspiciousAppInfo {
+    return CapSuspiciousAppInfo(
+        packageInfo = this.packageInfo.toCapPackageInfo(context),
+        reason = this.reason,
+    )
+}
+
+/**
+ * Converts the Android's PackageInfo to Capacitor equivalent
+ */
+internal fun PackageInfo.toCapPackageInfo(context: Context): CapPackageInfo {
+    return CapPackageInfo(
+        packageName = this.packageName,
+        appName = Utils.getAppName(context, this.applicationInfo),
+        version = this.versionName,
+        appIcon = Utils.getAppIconAsBase64String(context, this.packageName),
+        installerStore = Utils.getInstallationSource(context, this.packageName)
+    )
+}
+
+/**
+ * Convert the Talsec's SuspiciousAppInfo to base64-encoded JSArray,
+ * which can be then sent to Capacitor
+ */
+internal fun MutableList<SuspiciousAppInfo>.toEncodedJSArray(context: Context): JSArray {
+    val output = JSArray()
+    this.forEach { suspiciousAppInfo ->
+        val capSuspiciousAppInfo = suspiciousAppInfo.toCapSuspiciousAppInfo(context)
+        try {
+            val encodedAppInfo =
+                Base64.encodeToString(
+                    Json.encodeToString(capSuspiciousAppInfo).toByteArray(),
+                    Base64.DEFAULT
+                )
+            output.put(encodedAppInfo)
+        } catch (e: Exception) {
+            Log.e("Talsec", "Could not serialize suspicious app data: ${e.message}")
+        }
+    }
+    return output
+}

package/android/src/main/java/com/aheaditec/freerasp/utils/Utils.kt

@@ -0,0 +1,81 @@
+package com.aheaditec.freerasp.utils
+
+import android.content.Context
+import android.content.pm.ApplicationInfo
+import android.graphics.Bitmap
+import android.graphics.Canvas
+import android.graphics.drawable.BitmapDrawable
+import android.os.Build
+import android.util.Base64
+import android.util.Log
+import java.io.ByteArrayOutputStream
+
+internal object Utils {
+
+    private fun compressBitmap(bitmap: Bitmap): String {
+        val byteArrayOutputStream = ByteArrayOutputStream()
+        bitmap.compress(Bitmap.CompressFormat.PNG, 10, byteArrayOutputStream)
+        val byteArray = byteArrayOutputStream.toByteArray()
+        return Base64.encodeToString(byteArray, Base64.NO_WRAP)
+    }
+
+    /**
+     * Retrieves human-readable application name
+     */
+    internal fun getAppName(context: Context, applicationInfo: ApplicationInfo?): String? {
+        return applicationInfo?.let { context.packageManager.getApplicationLabel(it) as String }
+    }
+
+    /**
+     * Retrieves app icon for the given package name as Drawable, transforms it to Bitmap,
+     * compresses to PNG and finally encodes the data to Base64
+     * @param context Capacitor context
+     * @param packageName package name for which icon should be retrieved
+     * @return Base-64 encoded string
+     */
+    internal fun getAppIconAsBase64String(context: Context, packageName: String): String? {
+        try {
+            val drawable = context.packageManager.getApplicationIcon(packageName)
+
+            if (drawable is BitmapDrawable && drawable.bitmap != null) {
+                return compressBitmap(drawable.bitmap)
+            }
+
+            if (drawable.intrinsicWidth > 0 && drawable.intrinsicHeight > 0) {
+                val bitmap = Bitmap.createBitmap(
+                    drawable.intrinsicWidth,
+                    drawable.intrinsicHeight,
+                    Bitmap.Config.ARGB_8888
+                )
+                val canvas = Canvas(bitmap)
+                drawable.setBounds(0, 0, canvas.width, canvas.height)
+                drawable.draw(canvas)
+                return compressBitmap(bitmap)
+            }
+            return null
+        } catch (e: Exception) {
+            Log.e("Talsec", "Could not retrieve app icon for ${packageName}: ${e.message}")
+            return null
+        }
+    }
+
+    /**
+     * Retrieves installation source for the given package name
+     * @param context Capacitor context
+     * @param packageName package name for which installation source should be retrieved
+     * @return Installation source package name
+     */
+    @Suppress("DEPRECATION")
+    internal fun getInstallationSource(context: Context, packageName: String): String? {
+        return try {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+                context.packageManager.getInstallSourceInfo(packageName).installingPackageName
+            } else {
+                context.packageManager.getInstallerPackageName(packageName)
+            }
+        } catch (e: Exception) {
+            Log.e("Talsec", "Could not retrieve app installation source for ${packageName}: ${e.message}")
+            null
+        }
+    }
+}

package/dist/esm/definitions.d.ts

@@ -10,25 +10,48 @@ export interface FreeraspPlugin {
         ids: number[];
     }>;
     getThreatChannelData(): Promise<{
-        ids: [string, string];
+        ids: [string, string, string];
+    }>;
+    addToWhitelist(options: {
+        packageName: string;
+    }): Promise<{
+        result: boolean;
     }>;
 }
-export type FreeraspConfig = {
+export declare type FreeraspConfig = {
     androidConfig?: AndroidConfig;
     iosConfig?: IOSConfig;
     watcherMail: string;
     isProd?: boolean;
 };
-export type AndroidConfig = {
+export declare type AndroidConfig = {
     packageName: string;
     certificateHashes: string[];
     supportedAlternativeStores?: string[];
+    malwareConfig?: MalwareConfig;
 };
-export type IOSConfig = {
+export declare type IOSConfig = {
     appBundleId: string;
     appTeamId: string;
 };
-export type NativeEventEmitterActions = {
+export declare type MalwareConfig = {
+    blacklistedHashes?: string[];
+    blacklistedPackageNames?: string[];
+    suspiciousPermissions?: string[][];
+    whitelistedInstallationSources?: string[];
+};
+export declare type SuspiciousAppInfo = {
+    packageInfo: PackageInfo;
+    reason: string;
+};
+export declare type PackageInfo = {
+    packageName: string;
+    appName?: string;
+    version?: string;
+    appIcon?: string;
+    installerStore?: string;
+};
+export declare type NativeEventEmitterActions = {
     privilegedAccess?: () => any;
     debug?: () => any;
     simulator?: () => any;
@@ -42,6 +65,8 @@ export type NativeEventEmitterActions = {
     obfuscationIssues?: () => any;
     devMode?: () => any;
     systemVPN?: () => any;
+    malware?: (suspiciousApps: SuspiciousAppInfo[]) => any;
+    adbEnabled?: () => any;
 };
 export declare class Threat {
     value: number;
@@ -59,6 +84,8 @@ export declare class Threat {
     static Overlay: Threat;
     static ObfuscationIssues: Threat;
     static DevMode: Threat;
+    static Malware: Threat;
+    static ADBEnabled: Threat;
     constructor(value: number);
     static getValues(): Threat[];
 }

package/dist/esm/definitions.js

@@ -1,4 +1,4 @@
-import { Capacitor } from "@capacitor/core";
+import { Capacitor } from '@capacitor/core';
 export class Threat {
     constructor(value) {
         this.value = value;
@@ -19,6 +19,8 @@ export class Threat {
                 this.Overlay,
                 this.ObfuscationIssues,
                 this.DevMode,
+                this.Malware,
+                this.ADBEnabled,
             ]
             : [
                 this.AppIntegrity,
@@ -49,4 +51,6 @@ Threat.UnofficialStore = new Threat(0);
 Threat.Overlay = new Threat(0);
 Threat.ObfuscationIssues = new Threat(0);
 Threat.DevMode = new Threat(0);
+Threat.Malware = new Threat(0);
+Threat.ADBEnabled = new Threat(0);
 //# sourceMappingURL=definitions.js.map

package/dist/esm/definitions.js.map

@@ -1 +1 @@
-{"version":3,"file":"definitions.js","sourceRoot":"","sources":["../../src/definitions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AA4C5C,MAAM,OAAO,MAAM;IAkBjB,YAAY,KAAa;QACvB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,MAAM,CAAC,SAAS;QACd,OAAO,SAAS,CAAC,WAAW,EAAE,KAAK,SAAS;YAC1C,CAAC,CAAC;gBACE,IAAI,CAAC,YAAY;gBACjB,IAAI,CAAC,gBAAgB;gBACrB,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,0BAA0B;gBAC/B,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,aAAa;gBAClB,IAAI,CAAC,eAAe;gBACpB,IAAI,CAAC,OAAO;gBACZ,IAAI,CAAC,iBAAiB;gBACtB,IAAI,CAAC,OAAO;aACb;YACH,CAAC,CAAC;gBACE,IAAI,CAAC,YAAY;gBACjB,IAAI,CAAC,gBAAgB;gBACrB,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,0BAA0B;gBAC/B,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,aAAa;gBAClB,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,eAAe;aACrB,CAAC;IACR,CAAC;;AAjDM,mBAAY,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC7B,uBAAgB,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACjC,YAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,YAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,eAAQ,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACzB,gBAAS,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,iCAA0B,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC3C,gBAAS,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,oBAAa,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC9B,eAAQ,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACzB,sBAAe,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAChC,cAAO,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACxB,wBAAiB,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAClC,cAAO,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC","sourcesContent":["import { Capacitor } from \"@capacitor/core\";\n\nexport interface FreeraspPlugin {\n  addListener(listener: string, callback: (event: any) => void): any;\n  talsecStart(options: { config: FreeraspConfig }): Promise<{ started: boolean }>;\n  onInvalidCallback(): void;\n  getThreatIdentifiers(): Promise<{ ids: number[] }>;\n  getThreatChannelData(): Promise<{ ids: [string, string] }>;\n}\n\nexport type FreeraspConfig = {\n  androidConfig?: AndroidConfig;\n  iosConfig?: IOSConfig;\n  watcherMail: string;\n  isProd?: boolean;\n}\n\nexport type AndroidConfig = {\n  packageName: string;\n  certificateHashes: string[];\n  supportedAlternativeStores?: string[];\n}\n\nexport type IOSConfig = {\n  appBundleId: string;\n  appTeamId: string;\n}\n\nexport type NativeEventEmitterActions = {\n  privilegedAccess?: () => any;\n  debug?: () => any;\n  simulator?: () => any;\n  appIntegrity?: () => any;\n  unofficialStore?: () => any;\n  hooks?: () => any;\n  deviceBinding?: () => any;\n  deviceID?: () => any;\n  passcode?: () => any;\n  secureHardwareNotAvailable?: () => any;\n  obfuscationIssues?: () => any;\n  devMode?: () => any;\n  systemVPN?: () => any;\n};\n\nexport class Threat {\n  value: number;\n\n  static AppIntegrity = new Threat(0);\n  static PrivilegedAccess = new Threat(0);\n  static Debug = new Threat(0);\n  static Hooks = new Threat(0);\n  static Passcode = new Threat(0);\n  static Simulator = new Threat(0);\n  static SecureHardwareNotAvailable = new Threat(0);\n  static SystemVPN = new Threat(0);\n  static DeviceBinding = new Threat(0);\n  static DeviceID = new Threat(0);\n  static UnofficialStore = new Threat(0);\n  static Overlay = new Threat(0);\n  static ObfuscationIssues = new Threat(0);\n  static DevMode = new Threat(0);\n\n  constructor(value: number) {\n    this.value = value;\n  }\n\n  static getValues(): Threat[] {\n    return Capacitor.getPlatform() === 'android'\n      ? [\n          this.AppIntegrity,\n          this.PrivilegedAccess,\n          this.Debug,\n          this.Hooks,\n          this.Passcode,\n          this.Simulator,\n          this.SecureHardwareNotAvailable,\n          this.SystemVPN,\n          this.DeviceBinding,\n          this.UnofficialStore,\n          this.Overlay,\n          this.ObfuscationIssues,\n          this.DevMode,\n        ]\n      : [\n          this.AppIntegrity,\n          this.PrivilegedAccess,\n          this.Debug,\n          this.Hooks,\n          this.Passcode,\n          this.Simulator,\n          this.SecureHardwareNotAvailable,\n          this.SystemVPN,\n          this.DeviceBinding,\n          this.DeviceID,\n          this.UnofficialStore,\n        ];\n  }\n}\n"]}
+{"version":3,"file":"definitions.js","sourceRoot":"","sources":["../../src/definitions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAwE5C,MAAM,OAAO,MAAM;IAoBjB,YAAY,KAAa;QACvB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,MAAM,CAAC,SAAS;QACd,OAAO,SAAS,CAAC,WAAW,EAAE,KAAK,SAAS;YAC1C,CAAC,CAAC;gBACE,IAAI,CAAC,YAAY;gBACjB,IAAI,CAAC,gBAAgB;gBACrB,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,0BAA0B;gBAC/B,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,aAAa;gBAClB,IAAI,CAAC,eAAe;gBACpB,IAAI,CAAC,OAAO;gBACZ,IAAI,CAAC,iBAAiB;gBACtB,IAAI,CAAC,OAAO;gBACZ,IAAI,CAAC,OAAO;gBACZ,IAAI,CAAC,UAAU;aAChB;YACH,CAAC,CAAC;gBACE,IAAI,CAAC,YAAY;gBACjB,IAAI,CAAC,gBAAgB;gBACrB,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,0BAA0B;gBAC/B,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,aAAa;gBAClB,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,eAAe;aACrB,CAAC;IACR,CAAC;;AArDM,mBAAY,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC7B,uBAAgB,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACjC,YAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,YAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,eAAQ,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACzB,gBAAS,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,iCAA0B,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC3C,gBAAS,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,oBAAa,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC9B,eAAQ,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACzB,sBAAe,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAChC,cAAO,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACxB,wBAAiB,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAClC,cAAO,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACxB,cAAO,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACxB,iBAAU,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC","sourcesContent":["import { Capacitor } from '@capacitor/core';\n\nexport interface FreeraspPlugin {\n  addListener(listener: string, callback: (event: any) => void): any;\n  talsecStart(options: {\n    config: FreeraspConfig;\n  }): Promise<{ started: boolean }>;\n  onInvalidCallback(): void;\n  getThreatIdentifiers(): Promise<{ ids: number[] }>;\n  getThreatChannelData(): Promise<{ ids: [string, string, string] }>;\n  addToWhitelist(options: {\n    packageName: string;\n  }): Promise<{ result: boolean }>;\n}\n\nexport type FreeraspConfig = {\n  androidConfig?: AndroidConfig;\n  iosConfig?: IOSConfig;\n  watcherMail: string;\n  isProd?: boolean;\n};\n\nexport type AndroidConfig = {\n  packageName: string;\n  certificateHashes: string[];\n  supportedAlternativeStores?: string[];\n  malwareConfig?: MalwareConfig;\n};\n\nexport type IOSConfig = {\n  appBundleId: string;\n  appTeamId: string;\n};\n\nexport type MalwareConfig = {\n  blacklistedHashes?: string[];\n  blacklistedPackageNames?: string[];\n  suspiciousPermissions?: string[][];\n  whitelistedInstallationSources?: string[];\n};\n\nexport type SuspiciousAppInfo = {\n  packageInfo: PackageInfo;\n  reason: string;\n};\n\nexport type PackageInfo = {\n  packageName: string;\n  appName?: string;\n  version?: string;\n  appIcon?: string;\n  installerStore?: string;\n};\n\nexport type NativeEventEmitterActions = {\n  privilegedAccess?: () => any;\n  debug?: () => any;\n  simulator?: () => any;\n  appIntegrity?: () => any;\n  unofficialStore?: () => any;\n  hooks?: () => any;\n  deviceBinding?: () => any;\n  deviceID?: () => any;\n  passcode?: () => any;\n  secureHardwareNotAvailable?: () => any;\n  obfuscationIssues?: () => any;\n  devMode?: () => any;\n  systemVPN?: () => any;\n  malware?: (suspiciousApps: SuspiciousAppInfo[]) => any;\n  adbEnabled?: () => any;\n};\n\nexport class Threat {\n  value: number;\n\n  static AppIntegrity = new Threat(0);\n  static PrivilegedAccess = new Threat(0);\n  static Debug = new Threat(0);\n  static Hooks = new Threat(0);\n  static Passcode = new Threat(0);\n  static Simulator = new Threat(0);\n  static SecureHardwareNotAvailable = new Threat(0);\n  static SystemVPN = new Threat(0);\n  static DeviceBinding = new Threat(0);\n  static DeviceID = new Threat(0);\n  static UnofficialStore = new Threat(0);\n  static Overlay = new Threat(0);\n  static ObfuscationIssues = new Threat(0);\n  static DevMode = new Threat(0);\n  static Malware = new Threat(0);\n  static ADBEnabled = new Threat(0);\n\n  constructor(value: number) {\n    this.value = value;\n  }\n\n  static getValues(): Threat[] {\n    return Capacitor.getPlatform() === 'android'\n      ? [\n          this.AppIntegrity,\n          this.PrivilegedAccess,\n          this.Debug,\n          this.Hooks,\n          this.Passcode,\n          this.Simulator,\n          this.SecureHardwareNotAvailable,\n          this.SystemVPN,\n          this.DeviceBinding,\n          this.UnofficialStore,\n          this.Overlay,\n          this.ObfuscationIssues,\n          this.DevMode,\n          this.Malware,\n          this.ADBEnabled,\n        ]\n      : [\n          this.AppIntegrity,\n          this.PrivilegedAccess,\n          this.Debug,\n          this.Hooks,\n          this.Passcode,\n          this.Simulator,\n          this.SecureHardwareNotAvailable,\n          this.SystemVPN,\n          this.DeviceBinding,\n          this.DeviceID,\n          this.UnofficialStore,\n        ];\n  }\n}\n"]}

package/dist/esm/index.d.ts

@@ -1,7 +1,8 @@
 import type { FreeraspPlugin, FreeraspConfig, NativeEventEmitterActions } from './definitions';
 declare const Freerasp: FreeraspPlugin;
-declare const setThreatListeners: <T extends NativeEventEmitterActions>(callbacks: T & Record<Exclude<keyof T, keyof NativeEventEmitterActions>, []>) => Promise<void>;
+declare const setThreatListeners: <T extends NativeEventEmitterActions>(callbacks: T & Record<Exclude<keyof T, "privilegedAccess" | "debug" | "simulator" | "appIntegrity" | "unofficialStore" | "hooks" | "deviceBinding" | "deviceID" | "passcode" | "secureHardwareNotAvailable" | "obfuscationIssues" | "devMode" | "systemVPN" | "malware" | "adbEnabled">, []>) => Promise<void>;
 declare const removeThreatListeners: () => void;
-declare const startFreeRASP: <T extends NativeEventEmitterActions>(config: FreeraspConfig, reactions: T & Record<Exclude<keyof T, keyof NativeEventEmitterActions>, []>) => Promise<boolean | undefined>;
+declare const startFreeRASP: <T extends NativeEventEmitterActions>(config: FreeraspConfig, reactions: T & Record<Exclude<keyof T, "privilegedAccess" | "debug" | "simulator" | "appIntegrity" | "unofficialStore" | "hooks" | "deviceBinding" | "deviceID" | "passcode" | "secureHardwareNotAvailable" | "obfuscationIssues" | "devMode" | "systemVPN" | "malware" | "adbEnabled">, []>) => Promise<boolean>;
+declare const addToWhitelist: (packageName: string) => Promise<boolean>;
 export * from './definitions';
-export { Freerasp, startFreeRASP, setThreatListeners, removeThreatListeners };
+export { Freerasp, startFreeRASP, setThreatListeners, removeThreatListeners, addToWhitelist, };